*) NOTE: OpenSSL 0.9.8 branch will be End Of Life at the end of the year (2014). This may be the last release of the 0.9.8 branch.

OpenSSL 1.0.1j Changes

*) SRTP Memory Leak. (CVE-2014-3513)

A flaw in the DTLS SRTP extension parsing code allows an attacker, who sends a carefully crafted handshake message, to cause OpenSSL to fail to free up to 64k of memory causing a memory leak. This could be exploited in a Denial Of Service attack. This issue affects OpenSSL 1.0.1 server implementations for both SSL/TLS and DTLS regardless of whether SRTP is used or configured. Implementations of OpenSSL that have been compiled with OPENSSL_NO_SRTP defined are not affected.

The fix was developed by the OpenSSL team.

*) Session Ticket Memory Leak. (CVE-2014-3567)

When an OpenSSL SSL/TLS/DTLS server receives a session ticket the integrity of that ticket is first verified. In the event of a session ticket integrity check failing, OpenSSL will fail to free memory causing a memory leak. By sending a large number of invalid session tickets an attacker could exploit this issue in a Denial Of Service attack. [Steve Henson]

*) Build option no-ssl3 is incomplete. (CVE-2014-3568)

When OpenSSL is configured with "no-ssl3" as a build option, servers could accept and complete a SSL 3.0 handshake, and clients could be configured to send them. [Akamai and the OpenSSL team]